PRIVACY POLICY

DHOEMI operates this store and website, including all related information, content, features, tools, products and services, in order to provide you with a curated shopping experience (the “Services”). DHOEMI is powered by Shopify, which enables us to provide the Services. This Privacy Policy explains how we collect, use, and share your personal information when you visit or make a purchase from dhoemi.com (the “Site”).

Please read this Privacy Policy carefully. By using or accessing the Services you acknowledge that you have read this Privacy Policy and understand how we collect, use, and disclose your information as described below.

CONTROLLER

DHOEMI AB (reg. no. 5593873846) is the controller for the processing of personal data described in this policy.

Mailing address: Box 45176, 104 30 Stockholm, Sweden

Email: contact@dhoemi.com

PERSONAL INFO WE COLLECT

We collect information that you provide directly to us and information that is collected automatically when you use the Site.

Order information (provided by you). When you make or attempt to make a purchase we collect your name, billing address, shipping address, payment details, email address and phone number.

Device information (automatically collected). When you visit the Site we automatically collect certain information about your device, browser and interaction with the Site. This includes your IP address, browser type and version, time zone, pages you view, referral sources, and information collected through cookies, web beacons, tags and pixels.

Together we refer to Order Information and Device Information as “Personal Information” in this policy.

HOW WE USE YOUR PERSONAL INFORMATION (AND LEGAL BASES UNDER GDPR)

We use Personal Information for the following purposes; where relevant we note the typical legal basis under EU data protection law (GDPR):

- To fulfil your orders and provide the Services (e.g., process payments, arrange shipping, send order confirmations). — Legal basis: performance of a contract.

- To communicate with you about orders, returns, support requests and account matters. — Legal basis: performance of a contract / legitimate interests.

- To detect and prevent fraud and abuse and to secure our Services. — Legal basis: legitimate interests / legal obligations.

- To improve our Site and services through analytics and testing. — Legal basis: legitimate interests.

- For advertising and marketing (including sending newsletters and personalised email offers). Where required by law, we will rely on your consent; in other cases we may rely on legitimate interests (for example marketing to existing customers), subject to your rights to opt out. — Legal basis: consent or legitimate interests.

- To comply with legal obligations (for example accounting/tax retention). — Legal basis: legal obligation.

If we rely on legitimate interests we will consider whether those interests are overridden by your rights and freedoms, and we will document that assessment.

THIRD PARTIES AND SERVICE PROVIDERS

We share Personal Information with service providers who help us operate the Site and run the business. Typical categories include payment processors, shipping and fulfilment providers, analytics providers and marketing platforms.

Examples you should know about:

- Shopify powers our online store and hosts customer data. For details on Shopify’s data practices see: https://www.shopify.com/legal/privacy.

- Analytics & advertising providers (such as Google Analytics, Meta, TikTok) who help us understand site usage and deliver personal ads. See Google’s privacy policy at https://www.google.com/policies/privacy and the relevant ad platforms’ privacy pages.

We require our service providers to process Personal Information only as instructed and to maintain appropriate security safeguards.

We do not sell your personal information.

BEHAVIOURAL ADVERTISING AND OPT-OUTS

We may use Personal Information to deliver targeted advertising on other websites and platforms. Where possible we rely on consent for non-essential tracking. You can opt out of interest-based ads using the links below or your device/browser settings:

- Facebook: https://www.facebook.com/settings/?tab=ads

- Google: https://www.google.com/settings/ads/anonymous

- Bing: https://advertise.bingads.microsoft.com/en-us/resources/policies/personalized-ads

- Digital Advertising Alliance (EU/US opt-out portal): http://optout.aboutads.info/

If you use Global Privacy Control (GPC) or similar legally recognised signals we will treat that as an opt-out where applicable.

COOKIES

We use cookies and similar technologies to operate and improve the Site, to provide basic functionality (e.g., cart and checkout), for analytics, and for advertising. When you first visit the Site you will be offered cookie controls. You can manage or withdraw consent at any time using the cookie settings accessible in the footer. Disabling non-essential cookies may reduce the functionality of the Site.

For general information about cookies see: http://www.allaboutcookies.org

INTERNATIONAL TRANSFERS

Some service providers we use store and process data outside the EEA/UK (for example in the United States or Canada). When Personal Information is transferred outside the EEA/UK we use appropriate safeguards such as the European Commission’s Standard Contractual Clauses (SCCs) and other measures as required. You can request details about the safeguards we use by contacting contact@dhoemi.com.

DATA RETENTION

We retain Personal Information only for as long as necessary to provide the Services, comply with legal obligations, resolve disputes and enforce our agreements. Typical retention periods:

- Order and invoice records: retained as required by tax/accounting law (generally up to 7 years).

- Customer support and complaints: retained for the statutory claim period or as needed to resolve the matter.

- Marketing records: retained until you withdraw consent or after a period of inactivity.

- Account data: retained until you close your account or after a reasonable inactivity period.

If you request deletion we will delete your data unless legal obligations or other legitimate grounds require retention.

YOUR RIGHTS (EEA/UK RESIDENTS)

If you are located in the EEA or the UK you have certain rights regarding your Personal Information, subject to legal limits:

- Right to access the personal data we hold about you.

- Right to request correction of inaccurate data.

- Right to request erasure (“right to be forgotten”) in some circumstances.

- Right to restrict or object to processing, including for direct marketing.

- Right to data portability where processing is based on consent or contract.

- Right to withdraw consent where processing is based on consent.

To exercise your rights contact contact@dhoemi.com. We may need to verify your identity before responding. You also have the right to lodge a complaint with Integritetsskyddsmyndigheten (IMY) in Sweden or with your local supervisory authority.

CHILDREN

Our Site, Services, and newsletter are intended for adults. We do not knowingly collect personal information from anyone under 16. If we become aware that we have collected such information, we will delete it.

CHANGES

We may update this Privacy Policy to reflect changes in our practices or legal/regulatory requirements. The “Last updated” date at the top will indicate when this policy was last revised.

CONTACT US

If you have questions about this Privacy Policy, or wish to exercise any of your rights, please contact:

DHOEMI AB

Box 45176

104 30 Stockholm, Sweden

contact@dhoemi.com